diff --git a/debian/gitlab.templates b/debian/gitlab.templates
index 8853d3602b..afeae7fe7c 100644
--- a/debian/gitlab.templates
+++ b/debian/gitlab.templates
@@ -25,7 +25,8 @@ _Description: Enable https?
 (startssl.com) or WoSign (buy.wosign.com/free) offer free SSL certificates.
 .
 letsencrypt package may be used to automate interaction with Let’s Encrypt to
- obtain a certificate.
+ obtain a certificate. Nginx must be reloaded after the certificate and key
+ files are made available at /etc/gitlab/ssl.

 Template: gitlab/letsencrypt
 Type: boolean
@@ -38,5 +39,6 @@ _Description: Use Let's Encrypt?
 Otherwise, certificate and key files have to be placed manually to
 /etc/gitlab/ssl directory as 'gitlab.crt' and 'gitlab.key'.
 .
- Nginx must be reloaded after the certificate and key files are made available
- at /etc/gitlab/ssl.
+ Nginx will be stopped, if this option is selected, to allow letsencrypt to use
+ ports 80 and 443 during domain ownership validation and certificate retrieval
+ step.
diff --git a/debian/postinst b/debian/postinst
index 979e7df57d..e05fff732d 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -86,6 +86,9 @@ case "$1" in
 /etc/gitlab/ssl/gitlab.crt
 ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/privkey.pem \
 /etc/gitlab/ssl/gitlab.key
+ # Port 80 and 443 should be available for letsencrypt
+ invoke-rc.d nginx stop
+ letsencrypt -d ${GITLAB_HOST} certonly
 fi
 fi

@@ -98,6 +101,8 @@ case "$1" in
 echo "nginx example configuration file not found"
 exit 1
 fi
+ # Start nginx
+ invoke-rc.d nginx start
 else
 echo "Failed to retrieve fully qualified domain name"
 exit 1
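Review bot: In the `@@ -86,6 +86,9 @@` hunk of debian/postinst, `letsencrypt -d ${GITLAB_HOST} certonly` runs from the maintainer script with the host name unquoted and with no handling of a failed run. Writing it as `letsencrypt -d "${GITLAB_HOST}" certonly` keeps a value containing whitespace or glob characters from being split into extra arguments of a command that presumably runs as root. If the client fails, the symlinks created just above are left dangling and nginx stays stopped; whether the script aborts there depends on a `set -e` that is not visible in the hunk, so an explicit `|| { invoke-rc.d nginx start || true; exit 1; }` after the call would make the failure path deliberate. The call also appears to rely on the client's interactive prompts, which is worth confirming for non-interactive installs. The enclosing `case` and `if` blocks start and end outside the hunk.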
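Review bot: In the `@@ -98,6 +101,8 @@` hunk of debian/postinst, `invoke-rc.d nginx start` sits only on the success path, so the `exit 1` taken when the nginx example configuration file is not found would, as far as the visible context shows, leave the web server down after the earlier hunk stopped it. Recording the stop in a flag (`nginx_stopped=1` next to the stop) and restoring from an exit trap such as `trap '[ -z "$nginx_stopped" ] || invoke-rc.d nginx start || true' EXIT` would cover every exit path and avoid touching nginx when it was never stopped. The comment `# Start nginx` restates the command; `# Bring nginx back up; it was stopped above for letsencrypt validation` would record the reason. The surrounding `if`/`else` continues outside the hunk.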